Patent application title: COPY-PROTECTED SOFTWARE CARTRIDGE

Abstract:

A cartridge preferably for use with a game console. The cartridge
comprises a ROM, a non-volatile memory, a processor and an encryption
unit. An application running on the console may read data from the ROM,
read data from the non-volatile memory, and write data in the
non-volatile memory. Data to be written in the non-volatile memory is
encrypted by the encryption unit, but data to be read is returned in
encrypted form for decryption by a decryption function of the game
application. Data may also be received encrypted to be decrypted and
returned. The encryption or decryption unit may also receive data from
the non-volatile memory and send it to the interface. The invention
improves on the prior art copy protection as a hacker must reverse
engineer the game application in order to copy it, if the encryption unit
is unknown. The invention also provides an optical medium equipped with a
RFID circuit.

Claims:

1. A copy-protected storage support adapted for use with a console, the
storage support comprising: a data storage area adapted to store at least
parts of an application executable on the console; and an interface
adapted to: send application data read from the data storage area to the
console (1) via an interface of the console; wherein the storage support
further comprises: a memory adapted for storage of application parameter
data received by the interface from the application executed on the
console; a cryptographic unit adapted to receive application parameter
data from the interface, perform a cryptographic operation on the
received application parameter data, and store the received application
parameter data in the memory; wherein the interface is further adapted
to: read application parameter data from the memory; communicate, via the
interface of the console, the read application parameter data to the
application executed on the console; and the interface either receiving
application parameter data in encrypted form from the application
executed on the console and returning application parameter data in
unencrypted form to the application executed on the console, or receiving
application parameter data in unencrypted form from the application
executed on the console and returning application parameter data in
encrypted form to the application executed on the console.

2. A copy-protected storage support adapted for use with a console, the
storage support comprising: a data storage area adapted to store at least
parts of an application executable on the console; and an interface
adapted to: send application data read from the data storage area to the
console via an interface of the console; wherein the storage support
further comprises: a memory adapted for storage of application parameter
data received by the interface from the application executed on the
console; a cryptographic unit adapted to receive application parameter
data from the memory, perform a cryptographic operation on the received
application parameter data, and send the received application parameter
data to the interface; wherein the interface is further adapted to:
receive, via the interface of the console, application parameter data
from the application executed on the console; and store the received
application parameter data in the memory; and the interface either
receiving application parameter data in encrypted form from the
application executed on the console and returning application parameter
data in unencrypted form to the application executed on the console, or
receiving application parameter data in unencrypted form from the
application executed on the console and returning application parameter
data in encrypted form to the application executed on the console.

3. The storage support of claim 1, wherein the cryptographic operation is
decryption of the data, and wherein the interface is adapted to receive
the data in encrypted form from the console and to return the data in
unencrypted form to the console.

4. The storage support of claim 1, wherein the cryptographic operation is
encryption of the data, and wherein the interface is adapted to receive
the data in unencrypted form from the console and to return the data in
encrypted form to the console.

5. The storage support of claim 1, wherein the storage support is a
cartridge and the data storage area is a memory.

6. The storage support of claim 1, wherein the storage support is an
optical storage medium embodying the data storage area, the optical
storage medium being equipped with a RFID circuit that embodies the
interface, the memory and the encryption unit.

7. The storage support of claim 1, wherein the algorithm used to encrypt
the data is based on asymmetrical cryptography.

Description:

FIELD OF THE INVENTION

[0001] The present invention relates generally to computer software, and
in particular to copy protection for software on cartridges.

BACKGROUND OF THE INVENTION

[0002] This section is intended to introduce the reader to various aspects
of art, which may be related to various aspects of the present invention
that are described and/or claimed below. This discussion is believed to
be helpful in providing the reader with background information to
facilitate a better understanding of the various aspects of the present
invention. Accordingly, it should be understood that these statements are
to be read in this light, and not as admissions of prior art.

[0003] Computer programs, and in particular computer games (which will
hereinafter be used as a non-limitative example), have long been stored
on so called cartridges for ease of use, other advantages being instant
access to the software and the robustness of the package. Such cartridges
typically comprise an interface for interaction with a console, a ROM
that stores the software application, and a further memory, preferably
non-volatile, for storing game parameters.

[0004] However, software on these cartridges is almost as vulnerable to
copying as `normal` software. Naturally, software providers have come up
with defences against copying, such as the use of dedicated interfaces
and chipsets, and encryption of the software application. Unfortunately,
hackers have been able to crack the prior art defences and practically
all current programs may be found on the Internet, e.g. on sites
dedicated to hacking.

[0005] European patent application EP 07300965 teaches a system for
protection of pre-recorded media. The media is associated with a secure
processor that stores information and software that a player needs in
order to fully access the content. Whenever the player needs this
information or the result of the software, it contacts the secure
processor and waits for the response. A disadvantage with this solution
is that players that are not adapted to interact with the secure
processor are unable to use the content.

[0006] It can therefore be appreciated that there is a need for a solution
that improves copy protection of software on cartridges, preferably
enabling the continued use of existing consoles. This invention provides
such a solution.

SUMMARY OF THE INVENTION

[0007] In a first aspect, the invention is directed to a copy-protected
storage support adapted for use with a console. The storage support
comprises a memory adapted to store application parameter data; a data
storage area adapted to store at least parts of an application executable
on the console; and an interface adapted to send application data read
from the data storage area to the console via an interface of the
console, read application parameter data from the memory and communicate,
via the interface of the console, the read application parameter data to
the application executed on the console. The storage support further
comprises a cryptographic unit adapted to receive application parameter
data from the interface, perform a cryptographic operation on the
received application parameter data, and store the received application
parameter data in the memory. The interface is further adapted either to
receive application parameter data in encrypted form from the application
executed on the console and to return application parameter data in
unencrypted form to the application executed on the console, or to
receive application parameter data in unencrypted form from the
application executed on the console and to return application parameter
data in encrypted form to the application executed on the console.

[0008] In a second aspect, the invention is directed to a copy-protected
storage support adapted for use with a console. The storage support
comprises a memory adapted to store application parameter data; a data
storage area adapted to store at least parts of an application executable
on the console; and an interface adapted to send application data read
from the data storage area to the console via an interface of the
console, receive, via the interface of the console, application parameter
data from the application executed on the console and store received
application parameter data in the memory. The storage support further
comprises a cryptographic unit adapted to receive application parameter
data from the memory, perform a cryptographic operation on the received
application parameter data, and send the received application parameter
data to the interface. The interface is further adapted either to receive
application parameter data in encrypted form from the application
executed on the console and to return application parameter data in
unencrypted form to the application executed on the console, or to
receive application parameter data in unencrypted form from the
application executed on the console and to return application parameter
data in encrypted form to the application executed on the console.

[0009] In first preferred embodiments, the cryptographic operation is
decryption of the data, and the interface is adapted to receive the data
in encrypted form from the console and to return the data in unencrypted
form to the console.

[0010] In second preferred embodiments, the cryptographic operation is
encryption of the data, and the interface is adapted to receive the data
in unencrypted form from the console and to return the data in encrypted
form to the console.

[0011] In third preferred embodiments, the storage support is a cartridge
and the data storage area is a memory.

[0012] In fourth preferred embodiments, the storage support is an optical
storage medium embodying the data storage area. The optical storage
medium is equipped with a RFID circuit that embodies the interface, the
memory and the encryption unit.

[0013] In fifth preferred embodiments, the algorithm used to encrypt the
data is based on asymmetrical cryptography.

BRIEF DESCRIPTION OF THE DRAWINGS

[0014] Preferred features of the present invention will now be described,
by way of non-limiting example, with reference to the accompanying
drawings, in which:

[0015] FIG. 1 illustrates a console with a cartridge according to a
preferred embodiment of the invention;

[0016] FIG. 2 illustrates a console with a cartridge according to an
alternative embodiment of the invention; and

[0017]FIG. 3 illustrates a console with an optical medium according to a
variant embodiment of the invention.

PREFERRED EMBODIMENT OF THE INVENTION

[0018] FIG. 1 illustrates a console 1 with a cartridge 2 according to a
preferred embodiment of the invention. In the description, the term
"console" is used to denote a device that is able to interact with a
cartridge so as to execute an application stored on it, and the term
"cartridge" is used to denote a physical object using solid state memory
to store the application. The cartridge 2 may advantageously be
releasably connected to the console 1.

[0019] The console comprises one or more processors (hereinafter
"processor") 10 for execution of software applications and an interface
manager 14, that implements a physical and logical interface, for
interaction with the cartridge 2. The interface 14 may be through a
typical address/data bidirectional bus or through calls to one or more
functions.

[0020] The console further comprises read-only memory (ROM) 11 storing at
least one application, firmware, and middleware; random access memory
(RAM) 12 storing temporary data and a game application 3 loaded from the
cartridge 2; a user interface 13 for interaction with one or more users
through e.g. screen and loudspeakers, and key, buttons, and touch
screens. The processor 10 is adapted to execute the at least one
application in the ROM and the game application 3 stored in the RAM 12.

[0021] The interface 14 preferably detects the presence of the cartridge 2
automatically. Typically, when the cartridge 2 is not present, the bus is
not powered, and no power is supplied. As soon as the cartridge 2 is
present, the power is supplied to the cartridge 2, and the data bus is
also powered. The power supply is not illustrated as it is beyond the
scope of this invention.

[0022] The cartridge 2 comprises an interface 24 adapted to communicate
with the interface 14 of the console 1. The cartridge further comprises a
ROM 21 that stores the game application at a fixed address (such as
0x00000) and at least one non-volatile memory (hereinafter "non-volatile
memory") 22 adapted to store e.g. game parameters such as the players
current position in the game. The non-volatile memory 22 may for example
be an Electrical Erasable PROgrammable Memory (EEPROM) or a Flash memory.
The cartridge 2 also comprises an encryption unit 23 that, preferably
securely, stores an encryption key K. It should be noted that the key K
may also be stored elsewhere in the cartridge 2.

[0023] In a preferred embodiment, the encryption unit 23 is a hardware RSA
scrambler with an embedded 1024-bit private key as encryption key K. The
encryption key K may be the same for all cartridges 2 for the same game
application 3, but it is also possible to use different encryption keys K
between batches of cartridges 2 or indeed individual cartridges 2.

[0024] The ROM 21, the non-volatile memory 22, the encryption unit 23, and
the interface 24 may be implemented in a single chip, such as a system on
chip (SOC) or as two or more separate circuits.

[0025] The game application 3 is a virtual entity used to clarify the
invention. The game application may be said to be the software program
from at least the ROM 21 (parts of the game application 3 may be received
from other sources, such as e.g. over the Internet) as executed by the
processor 10. The game application 3 may further be said to be aware of
the internal organization of the cartridge 2. When it is executed by the
processor 10, the game application 3 may communicate, via the interfaces
14 and 24, with the cartridge 2 in order to perform at least one action,
such as: read data from the ROM 21; read data from the non-volatile
memory 22; and write data in the non-volatile memory 22. When data is to
be written in the non-volatile memory 22, the interface 24 forwards the
data to the encryption unit 23 for encryption with key K and storage. It
should be noted that the encryption unit stores the data either directly
(i.e. by writing in the non-volatile memory 22) or indirectly (i.e. by
passing the data to an intermediate unit). However, when data is to be
read from the non-volatile memory 22, the interface 24 reads the data
from the non-volatile memory 22 and forwards the data in encrypted form
to the game application 3. The skilled person will appreciate that the
encryption unit does not decrypt stored data, and that data thus is
received by the cartridge "in the clear" and sent from the cartridge in
encrypted form.

[0026] The game application 3 comprises a decryption function 30 and a
decryption key K-1 that corresponds to the encryption key K. In case
asymmetrical cryptography is used, there is no need to "hide" the
decryption key K-1 within the game application 3. However, if
symmetrical cryptography is used, then the decryption key K-1 should
be hidden somehow, for example by using so-called "white-box
cryptography". As described hereinbefore, the game application may
communicate with the cartridge 2 in order to: read data from the ROM 21,
write data in the non-volatile memory 22, and read data from the
non-volatile memory 22. Data to be written in the non-volatile memory 22
is sent "in the clear," or possibly encrypted using a session key that
protects data sent between the interfaces 14, 24, to be encrypted and
stored. Data read from the non-volatile memory 22 is received in
encrypted form and decrypted by the decryption function 30 using the
decryption key K-1.

[0027] In a preferred embodiment, the decryption routine 30 of the game
application 3 implements an RSA descrambler and the decryption key
K-1 is the public key corresponding to private encryption key K.

[0028] The invention can thus combat easy hacking and copying of the game,
as the assumption is that the hacker never has access to key K used by
the encryption unit 23. If this is true, the hacker cannot duplicate the
cartridge 2 without modifying the game application 3.

[0029] FIG. 2 illustrates a console with a cartridge according to an
alternative embodiment of the invention. In this embodiment, the console
1 may be identical to the console of the preferred embodiment. The
cartridge 2 comprises an interface 24, a ROM 21, a non-volatile memory
22, and a decryption unit 25. The game application 3 comprises an
encryption function 31.

[0030] A main difference between the alternative embodiment and the
preferred embodiment is that the game application 3 here is adapted to
encrypt data, using key K, for storage in the non-volatile memory 22 of
the cartridge. The encrypted data is received by the interface 24,
forwarded to the decryption unit 25 that decrypts the data using key
K-1 and sends the decrypted data to the non-volatile memory 22 for
storage. When the game application 3 then requests the data, the
interface 24 retrieves the unencrypted data from the non-volatile memory
22 and sends it to the console 1.

[0031] It will be appreciated that a variant is possible in both
embodiments. The encryption unit 23 and the decryption unit 25 may be
located "on the other side" of the non-volatile memory 22. For example,
in the preferred embodiment, the data is stored unencrypted in the
non-volatile memory 22 and encrypted by the encryption unit 23 when the
data is requested by the game application 3.

[0032]FIG. 3 illustrates a console 1 with an optical medium 4 according
to a variant embodiment of the invention. The variant embodiment
resembles the preferred embodiment quite a bit--one difference being that
the static storage medium is an optical medium and not a read-only
memory--and description of similar features may thus be shortened. The
optical medium 4, for example a CD-ROM or a DVD, is equipped with a RFID
(Radio Frequency Identification) circuit 41 that comprises an interface
42, a non-volatile memory 22, and an encryption unit 23 storing an
encryption key K. The console 1 comprises a first interface 43 for
interaction with the RFID circuit 41 and a second interface 44 for
interaction with the optical medium 4. It is possible that the two
interfaces are embodied as a single component.

[0033] The game application 3, as executed by the processor 10 may perform
at least three actions concerning the optical medium 4: through the
second interface 44, it may read data from the optical medium 4 as such
(corresponds roughly to the ROM in the preferred embodiment); and through
the first interface 43 it may read data from and write data to the
non-volatile memory 22 in the RFID circuit 41. As in the preferred
embodiment, data to be written in the non-volatile memory 22 is
preferably sent "in the clear" and encrypted by the encryption unit 23,
while data read from the non-volatile memory 22 is read "as is" and
returned in an encrypted form for decryption by the decryption unit 30 of
the game application 3.

[0034] An advantage of the invention is that it can enable old consoles to
use new, protected cartridges without modification to the former, as the
consoles need no knowledge of the architecture of a cartridge.

[0035] It will thus be appreciated that the present invention provides an
improved software copy protection system. The person skilled in the art
will appreciate that it is not limited to games.

[0036] Each feature disclosed in the description and (where appropriate)
the claims and drawings may be provided independently or in any
appropriate combination. Features described as being implemented in
hardware may also be implemented in software, and vice versa. Connections
may, where applicable, be implemented as wireless connections or wired,
not necessarily direct or dedicated, connections. Only feature relevant
to the invention have been described; features not necessary for the
description of the invention have been left out intentionally to
facilitate understanding.

[0037] Reference numerals appearing in the claims are by way of
illustration only and shall have no limiting effect on the scope of the
claims.